English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.122390
Category:Oracle Linux Local Security Checks
Title:Oracle: Security Advisory (ELSA-2010-0126)
Summary:The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2010-0126 advisory.
Description:Summary:
The remote host is missing an update for the 'kvm' package(s) announced via the ELSA-2010-0126 advisory.

Vulnerability Insight:
[kvm-83-105.0.1.el5_4.27]
- Add kvm-add-oracle-workaround-for-libvirt-bug.patch

[kvm-83-105.el5_4.27]
- kvm-kernel-KVM-VMX-Check-cpl-before-emulating-debug-register-ac.patch [bz#563516]
- Resolves: bz#563516
(KVM: Check cpl before emulating debug register access [rhel-5.4.z])

[kvm-83-105.el5_4.26]
- kvm-kernel-KVM-Don-t-check-access-permission-when-loading-segme.patch [bz#563464]
- kvm-kernel-KVM-Disable-move-to-segment-registers-and-jump-far-i.patch [bz#563464]
- Resolves: bz#563464
(EMBARGOED CVE-2010-0419 kvm: emulator privilege escalation segment selector check [rhel-5.4.z])

[kvm-83-105.el5_4.25]
- kvm-virtio-blk-Fix-reads-turned-into-writes-after-read-e.patch [bz#562776]
- kvm-virtio-blk-Handle-bdrv_aio_read-write-NULL-return.patch [bz#562776]
- Resolves: bz#562776
(Guest image corruption after RHEV-H update to 5.4-2.1.3.el5_4rhev2_1)

[kvm-83-105.el5_4.24]
- Apply bz#561022 patches again (undo the reverts from kvm-83-105.el5_4.23)
- kvm-qemu-add-routines-for-atomic-16-bit-accesses-take-2.patch [bz#561022]
- kvm-qemu-virtio-atomic-access-for-index-values-take-2.patch [bz#561022]
- Resolves: bz#561022
(QEMU terminates without warning with virtio-net and SMP enabled)

[kvm-83-105.el5_4.23]
- Revert bz#561022 patches by now, until they get better testing
- kvm-Revert-qemu-virtio-atomic-access-for-index-values.patch [bz#561022]
- kvm-Revert-qemu-add-routines-for-atomic-16-bit-accesses.patch [bz#561022]
- Related: bz#561022
(QEMU terminates without warning with virtio-net and SMP enabled)

Affected Software/OS:
'kvm' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-3722
37221
http://www.securityfocus.com/bid/37221
MDVSA-2010:198
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
RHSA-2010:0126
http://www.redhat.com/support/errata/RHSA-2010-0126.html
USN-864-1
http://www.ubuntu.com/usn/usn-864-1
[oss-security] 20091029 CVE request: kvm: check cpl before emulating debug register access
http://marc.info/?l=oss-security&m=125678631403558&w=2
[oss-security] 20091029 Re: CVE request: kvm: check cpl before emulating debug register access
http://marc.info/?l=oss-security&m=125680666827148&w=2
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0a79b009525b160081d75cef5dbf45817956acf2
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.9
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.1
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc1
https://bugzilla.redhat.com/show_bug.cgi?id=531660
oval:org.mitre.oval:def:9892
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9892
Common Vulnerability Exposure (CVE) ID: CVE-2010-0419
1023663
http://securitytracker.com/id?1023663
38467
http://www.securityfocus.com/bid/38467
https://bugzilla.redhat.com/show_bug.cgi?id=563463
kernel-selectors-privilege-escalation(56662)
https://exchange.xforce.ibmcloud.com/vulnerabilities/56662
oval:org.mitre.oval:def:10139
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10139
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.